1package org.wildfly.security.x500;
2
3import java.security.KeyPair;
4import java.security.Principal;
5import java.security.PrivateKey;
6import java.security.PublicKey;
7import java.security.cert.X509Certificate;
8import java.util.HashSet;
9import java.util.Iterator;
10import java.util.Set;
11
12import javax.crypto.SecretKey;
13import javax.security.auth.Subject;
14
15import org.wildfly.security.auth.principal.NamePrincipal;
16import org.wildfly.security.auth.server.IdentityCredentials;
17import org.wildfly.security.auth.server.SecurityDomain;
18import org.wildfly.security.auth.server.SecurityIdentity;
19import org.wildfly.security.authz.Roles;
20import org.wildfly.security.credential.Credential;
21import org.wildfly.security.credential.KeyPairCredential;
22import org.wildfly.security.credential.PasswordCredential;
23import org.wildfly.security.credential.PublicKeyCredential;
24import org.wildfly.security.credential.SecretKeyCredential;
25import org.wildfly.security.credential.X509CertificateChainPrivateCredential;
26import org.wildfly.security.credential.X509CertificateChainPublicCredential;
27import org.wildfly.security.password.Password;
28
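/**
 * Converts a JAAS {@link Subject} into an Elytron {@link SecurityIdentity} and exercises the
 * conversion with a minimal JUnit test.
 */
public class SubjectToSecurityIdentity {

    /**
     * Converts a subject holding a single {@link NamePrincipal} and checks that the resulting
     * identity carries that principal.
     */
    @org.junit.Test
    public void test() {
        Subject subject = new Subject();
        subject.getPrincipals().add(new NamePrincipal("test"));

        SecurityDomain domain = SecurityDomain.builder().build();
        SecurityIdentity identity = convertToSecurityIdentity(subject, domain);

        org.junit.Assert.assertEquals("test", identity.getPrincipal().getName());
        System.out.println(identity);
    }

    /**
     * Builds an ad-hoc {@link SecurityIdentity} in {@code domain} from the contents of
     * {@code subject}.
     *
     * <p>The first principal returned by the subject's principal iterator becomes the identity's
     * principal. The string form of every remaining principal is installed as a role under the
     * {@code "ejb"} role-mapper category. Public and private credentials of recognised types are
     * wrapped in the matching Elytron credential classes; objects of any other type are skipped.
     *
     * <p>{@code SecurityIdentity} is immutable: each {@code with*} call returns a new instance,
     * so the result must be reassigned or the role mapper and credentials are silently lost.
     *
     * @param subject the JAAS subject to convert; must contain at least one principal
     * @param domain the security domain in which the ad-hoc identity is created
     * @return the identity carrying the derived role mapper and credentials
     * @throws java.util.NoSuchElementException if {@code subject} has no principals
     */
    SecurityIdentity convertToSecurityIdentity(Subject subject, SecurityDomain domain) {
        Iterator<Principal> it = subject.getPrincipals().iterator();
        if (!it.hasNext()) {
            // Fail with an explicit message instead of the bare exception from it.next().
            throw new java.util.NoSuchElementException("Subject contains no principals");
        }

        // NOTE(review): the Set contract does not define iteration order, so which principal
        // becomes the identity depends on the Subject's set implementation. Confirm that callers
        // always add the user principal first, otherwise a role principal could become the
        // identity name.
        SecurityIdentity identity = domain.createAdHocIdentity(it.next());

        // Every remaining principal is treated as a role, whatever its type.
        // NOTE(review): toString() is used rather than getName(); confirm the principal types in
        // use render as the bare role name.
        final Set<String> roleNames = new HashSet<>();
        it.forEachRemaining((principal) -> roleNames.add(principal.toString()));
        // The mapper ignores its input and always yields the principal-derived role set.
        identity = identity.withRoleMapper("ejb", (rolesToMap) -> Roles.fromSet(roleNames));

        IdentityCredentials publicCredentials = IdentityCredentials.NONE;
        for (Object credential : subject.getPublicCredentials()) {
            if (credential instanceof PublicKey) {
                publicCredentials = publicCredentials.withCredential(new PublicKeyCredential((PublicKey) credential));
            } else if (credential instanceof X509Certificate) {
                publicCredentials = publicCredentials.withCredential(new X509CertificateChainPublicCredential((X509Certificate) credential));
            } else if (credential instanceof Credential) {
                publicCredentials = publicCredentials.withCredential((Credential) credential);
            }
            // Any other public credential type is dropped without notice.
        }
        identity = identity.withPublicCredentials(publicCredentials);

        IdentityCredentials privateCredentials = IdentityCredentials.NONE;
        for (Object credential : subject.getPrivateCredentials()) {
            if (credential instanceof Password) {
                privateCredentials = privateCredentials.withCredential(new PasswordCredential((Password) credential));
            } else if (credential instanceof SecretKey) {
                privateCredentials = privateCredentials.withCredential(new SecretKeyCredential((SecretKey) credential));
            } else if (credential instanceof KeyPair) {
                privateCredentials = privateCredentials.withCredential(new KeyPairCredential((KeyPair) credential));
            } else if (credential instanceof PrivateKey) {
                // NOTE(review): only the private key is supplied here, with no certificates.
                // Confirm that X509CertificateChainPrivateCredential accepts an empty chain.
                privateCredentials = privateCredentials.withCredential(new X509CertificateChainPrivateCredential((PrivateKey) credential));
            } else if (credential instanceof Credential) {
                privateCredentials = privateCredentials.withCredential((Credential) credential);
            }
            // Any other private credential type is dropped without notice.
        }
        identity = identity.withPrivateCredentials(privateCredentials);

        return identity;
    }
}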